Quick Start
- Step 1: Enable Console Access
- Step 2: Generate API Credentials
- Step 3: Configure the Technology in Workbench
Step 1: Enable Console Access
-
Sign in to the Sumo Logic CIP console to create a new user.
-
Navigate to Administration > Users and Roles > Users and click the Add User button at the top right of the page.
-
Fill in the below information.
-
For First Name, type Expel.
-
For Last Name, type SOC analysts.
-
For Email, type soc+<your_company_name>@expel.io.
Note
Yes, the "+" sign is part of the email address, and it's important. Click here to find out why. -
For Assigned Roles select the Analyst role.
-
Click Add New User.
-
-
Verify that Expel SOC now appears on the Users page.
-
Sign into Sumo Logic Cloud SIEM Enterprise console.
-
Navigate to Accounts.
-
Click Invite at the top right of the page.
-
Invite the Sumo Logic CIP user from step 1 with a role of Analyst.
Step 2: Generate API Credentials
-
Edit the Sumo Logic Cloud SIEM Enterprise user created in Step 1.
-
Select API Key Enabled.
-
Select YES, REGENERATE API KEY.
-
Click UPDATE and log out.
-
Log back into Sumo Logic Cloud SIEM Enterprise console with the new user created in Step 1.
-
Click the user profile at the top right of the page.
-
Copy API Key and make note of it.
Step 3: Configure the Technology in Workbench
-
In a new browser tab, log into https://workbench.expel.io.
-
On the console page, navigate to Settings and click Security Devices.
-
At the top of the page, click Add Security Device.
-
Search for and select Sumo Logic Cloud.
-
Type Name and Location. For example Sumo Logic Cloud SIEM Enterprise and Expel Lab.